|
@@ -1,3 +1,91 @@
|
|
|
+Changes in version 0.2.3.6-alpha - 2011-10-??
|
|
|
+ o Major features:
|
|
|
+ - Implement a new handshake protocol for authenticating Tors to
|
|
|
+ each other over TLS. It should be more resistant to fingerprinting
|
|
|
+ than previous protocols, and should require less TLS hacking for
|
|
|
+ future Tor implementations. Implements Proposal 185.
|
|
|
+ - Allow variable-length padding cells to disguise the length of
|
|
|
+ Tor's TLS records. Implements part of Proposal 184.
|
|
|
+
|
|
|
+ o Major bugfixes (hidden services):
|
|
|
+ - Don't launch a useless circuit after failing to use one of a
|
|
|
+ hidden service's introduction points. Previously, we would
|
|
|
+ launch a new introduction circuit, but not set the hidden service
|
|
|
+ which that circuit was intended to connect to, so it would never
|
|
|
+ actually be used. A different piece of code would then create a
|
|
|
+ new introduction circuit correctly, so this bug was harmless until
|
|
|
+ it caused an assertion in the client-side part of the #3825 fix
|
|
|
+ to fail. Bug reported by katmagic and found by Sebastian Hahn.
|
|
|
+ Bugfix on 0.2.1.13-alpha; fixes bug 4212.
|
|
|
+ - When one of a hidden service's introduction points appears to be
|
|
|
+ unreachable, stop trying it. Previously, we would keep trying
|
|
|
+ to build circuits to the introduction point until we lost the
|
|
|
+ descriptor, usually because the user gave up and restarted Tor.
|
|
|
+ Partly fixes bug 3825.
|
|
|
+ - When an attempt to connect to a hidden service ends, consider
|
|
|
+ refetching its hidden service descriptors from each of the HSDir
|
|
|
+ relays responsible for them immediately. Previously, we would not
|
|
|
+ consider refetching the service's descriptors from each HSDir for
|
|
|
+ 15 minutes after the last fetch; this behaviour was inconvenient
|
|
|
+ if the hidden service was not running during the first attempt,
|
|
|
+ for example. Bugfix on 0.2.0.18-alpha; fixes bug 3335.
|
|
|
+
|
|
|
+ o Major bugfixes (other):
|
|
|
+ - Don't update the AccountingSoftLimitHitAt state file entry whenever
|
|
|
+ tor gets started. This prevents a wrong average bandwidth
|
|
|
+ estimate, which would cause relays to always start a new accounting
|
|
|
+ interval at the earliest possible moment. Fixes bug 2003; bugfix
|
|
|
+ on 0.2.2.7-alpha. Reported by BryonEldridge, who also helped
|
|
|
+ immensely in tracking this bug down.
|
|
|
+ - Fix a crash bug when changing node restrictions while a DNS lookup
|
|
|
+ is in-progress. Fixes bug 4259; bugfix on 0.2.2.25-alpha. Bugfix
|
|
|
+ by "Tey'".
|
|
|
+
|
|
|
+ o Minor bugfixes (on 0.2.3.x):
|
|
|
+ - Fix a bug in configure.in that kept it from building a configure
|
|
|
+ script with autoconf versions earlier than 2.61. Fixes bug 2430;
|
|
|
+ bugfix on 0.2.3.1-alpha.
|
|
|
+ - Don't warn users that they are exposing a client port to the
|
|
|
+ Internet if they have specified an RFC1918 address. Previously,
|
|
|
+ we would warn if the user had specified any non-loopback
|
|
|
+ address. Bugfix on 0.2.3.3-alpha. Fixes bug 4018; reported by Tas.
|
|
|
+
|
|
|
+ o Minor bugfixes (on 0.2.2.x and earlier):
|
|
|
+ - When one of a hidden service's introduction points times out,
|
|
|
+ consider trying it again during the next attempt to connect to
|
|
|
+ the HS. Previously, we would not try it again unless a newly
|
|
|
+ fetched descriptor contained it. Required by fixes for bugs
|
|
|
+ 1297 and 3825.
|
|
|
+ - Rephrase the log message emitted if the TestSocks check is
|
|
|
+ successful. Patch from Fabian Keil; fixes bug 4094.
|
|
|
+ - Bridges now skip DNS self-tests, to act a little more stealthily.
|
|
|
+ Fixes bug 4201; bugfix on 0.2.0.3-alpha, which first introduced
|
|
|
+ bridges. Patch by "warms0x".
|
|
|
+ - When a hidden service turns an extra service-side introduction
|
|
|
+ circuit into a general-purpose circuit, free the rend_data and
|
|
|
+ intro_key fields first, so we won't leak memory if the circuit
|
|
|
+ is cannibalized for use as another service-side introduction
|
|
|
+ circuit. Bugfix on 0.2.1.7-alpha; fixes bug 4251.
|
|
|
+
|
|
|
+ o Minor features:
|
|
|
+ - The next version of Windows will be called Windows 8, and it has
|
|
|
+ a major version of 6, minor version of 2. Correctly identify that
|
|
|
+ version instead of calling it "Very recent version". Resolves
|
|
|
+ ticket 4153; reported by funkstar.
|
|
|
+ - The bridge authority now writes statistics on how many bridge
|
|
|
+ descriptors it gave out in total, and how many unique descriptors
|
|
|
+ it gave out. Implements ticket 4200.
|
|
|
+ - Update to the October 4 2011 Maxmind GeoLite Country database.
|
|
|
+
|
|
|
+ o Code simplifications and refactoring:
|
|
|
+ - Remove the ability to define TRACK_SERVED_TIME. The feature
|
|
|
+ wasn't used and is now outdated that microdescriptors are around.
|
|
|
+ - Rename Tor functions that turn strings into addresses, so that
|
|
|
+ "parse" indicates that no hostname resolution occurs, and
|
|
|
+ "lookup" indicates that hostname resolution may occur. This
|
|
|
+ should help prevent mistakes in the future. Fixes bug 3512.
|
|
|
+
|
|
|
+
|
|
|
Changes in version 0.2.3.5-alpha - 2011-09-28
|
|
|
Tor 0.2.3.5-alpha fixes two bugs that make it possible to enumerate
|
|
|
bridge relays; fixes an assertion error that many users started hitting
|